The function code() on a system_error returns a temporary value of type error_code; using & on such a value is incorrect.
In file included from openvpn3/test/ovpncli/cli.cpp:58:
In file included from openvpn3/client/ovpncli.cpp:97:
In file included from openvpn3/openvpn/client/cliconnect.hpp:60:
In file included from openvpn3/openvpn/client/cliopt.hpp:85:
In file included from openvpn3/openvpn/tun/mac/client/tuncli.hpp:38:
openvpn3/openvpn/tun/tunio.hpp:119:42: error: taking the address of a temporary object of type 'boost::system::error_code' [-Waddress-of-temporary]
tun_error(Error::TUN_WRITE_ERROR, &e.code());
^~~~~~~~~
openvpn3/openvpn/tun/tunio.hpp:152:42: error: taking the address of a temporary object of type 'boost::system::error_code' [-Waddress-of-temporary]
tun_error(Error::TUN_WRITE_ERROR, &e.code());
^~~~~~~~~
openvpn3/openvpn/tun/tunio.hpp:119:42: error: taking the address of a temporary object of type 'boost::system::error_code' [-Waddress-of-temporary]
tun_error(Error::TUN_WRITE_ERROR, &e.code());
^~~~~~~~~
openvpn3/openvpn/tun/mac/client/tuncli.hpp:330:17: note: in instantiation of member function 'openvpn::TunIO<openvpn::TunMac::Client *, openvpn::TunMac::PacketFrom, openvpn::TunWrapAsioStream<openvpn::TunPersistTemplate<openvpn::ScopedAsioStream<boost::asio::posix::basic_stream_descriptor<boost::asio::executor> > > > >::write' requested here
return impl->write(buf);
^
Signed-off-by: Jay Freeman (saurik) <saurik@saurik.com>
GitHub-pull-req: #76
Approved-by: Lev Stipakov <lev@openvpn.net>
Approved-by: David Sommerseth <davids@openvpn.net>
The current Tun code for Windows happens to compile on Microsoft Visual C++,
but will not compile on either clang or gcc as it isn't standards compliant.
openvpn3/openvpn/tun/win/tunutil.hpp:213:17: error: non-const lvalue reference to type '__wrap_iter<...>' cannot bind to a temporary of type '__wrap_iter<...>'
for (auto& i = guids.begin(); i != guids.end(); i++)
^ ~~~~~~~~~~~~~
The type of guids.begin() is a value iterator, and so must be merely "auto".
Signed-off-by: Jay Freeman (saurik) <saurik@saurik.com>
GitHub-pull-req: #74
Approved-by: Lev Stipakov <lev@openvpn.net>
Approved-by: David Sommerseth <davids@openvpn.net>
When compiling openvpn3 with MinGW, the build fails as follows:
openvpn3/openvpn/ip/ping6.hpp:46:20: error: no member named 's6_addr16' in 'in6_addr'
return addr->s6_addr16;
~~~~ ^
This is because the code checks for _MSC_VER instead of _WIN32.
Signed-off-by: Jay Freeman (saurik) <saurik@saurik.com>
GitHub-pull-req: #73
Approved-by: Lev Stipakov <lev@openvpn.net>
Approved-by: David Sommerseth <davids@openvpn.net>
This also removes unittest.vcxproj from solution, since
it is deprecated in favor of CMake-based unit tests.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
When building the clinetcfg test client in openvpn3-linux with DCO support,
the building fails with the following compiler error:
In file included from ./openvpn3-core/openvpn/common/base64.hpp:31:0,
from ./openvpn3-core/openvpn/init/initprocess.hpp:31,
from ./openvpn3-core/client/ovpncli.cpp:90,
from ./openvpn3-core/test/ovpncli/cli.cpp:58,
from src/tests/netcfg/cli.cpp:29:
./openvpn3-core/openvpn/tun/linux/client/tunsetup.hpp: In member function ‘int openvpn::TunLinuxSetup::Setup<TUNMETHODS>::establish(const openvpn::TunBuilderCapture&, openvpn::TunBuilderSetup::Config*, openvpn::Stop*, std::ostream&)’:
./openvpn3-core/openvpn/tun/linux/client/tunsetup.hpp:145:94: error: there are no arguments to ‘errinfo’ that depend on a template parameter, so a declaration of ‘errinfo’ must be available [-fpermissive]
OPENVPN_THROW(tun_open_error, "error opening tun device " << node <<": " << errinfo(errno));
^
./openvpn3-core/openvpn/common/exception.hpp:130:18: note: in definition of macro ‘OPENVPN_THROW’
_ovpn_exc << stuff; \
^
By including the asioerr.hpp header file in
openvpn/tun/linux/client/tunsetup.hpp, this failure is resolved.
Signed-off-by: David Sommerseth <davids@openvpn.net>
This test attempts to assure that the measurements we get from
openvpn::cpu_time() is within a reasonable range of what we should
normally expect.
This is achieved by using a simple worker thread which ensures the
process is not "idling" (like it would with sleep()) but in a real busy
loop which takes some time. Then we measure the time spent in the busy
loop, both using a simplistic time() and comparing that with what
cpu_time() returns.
This unit test also supports measuring multiple running threads
individually too.
Signed-off-by: David Sommerseth <davids@openvpn.net>
This introduces experimental support for Wintun
as an alternative for tap-windows6.
In order to use wintun, set "ClientAPI::Config::wintun"
flag to "true" or use "-w" option in test client.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
The Clang++ compiler is not happy about this missing declaration on
virtual methods, which is a fair complaint.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Renamed expand_ports() to expand_ports_by_n_threads() and
added expand_ports_by_unit(). Both methods extend a set
of Listen::Item entries to span a port range.
Signed-off-by: James Yonan <james@openvpn.net>
Returns true if we did a full SSL handshake/negotiation.
or false for cached, reused, or persisted sessions.
Signed-off-by: James Yonan <james@openvpn.net>
Earlier versions of OpenSSL (before 1.0.2r) appear to
segfault when the SSL_CTX_set_tlsext_ticket_key_cb
callback returns 0 (no key) when enc==1.
This commit also privatizes the default constructor for
TLSSessionTicketBase Name/Key (which creates the object in an
undefined state) and removes methods that allow direct access
to the underlying name/key data. Since only the SSL
implementation classes (OpenSSLContext and MbedTLSContext)
require this level of access, we friend them, but deny access
to all other users. This helps to prevent bugs in the
higher-level Name/Key handling code, such as failing to
initialize a Key by using the default constructor.
Signed-off-by: James Yonan <james@openvpn.net>
* Fixed a bug in Name::operator<()
* ~Key() now wipes key data from memory
* Added key_transform() method
* Added session_id_context() virtual method for identifying app
Signed-off-by: James Yonan <james@openvpn.net>
This is an initial client and server-side implementation
for OpenSSL 1.0.2.
Note that this functionality is intended for use with
HTTP sessions, and should not be used with the OpenVPN
protocol.
Signed-off-by: James Yonan <james@openvpn.net>
MSF::find() is like ordinary map/set find(), but returns an
iterator that defines an operator bool() method for testing
if the iterator is defined, e.g.:
std::map<std::string, std::string> m;
m.emplace("hello", "world");
auto e = MSF::find(m, "hello");
if (e)
std::cout << e->first << " -> " << e->second << std::endl;
Signed-off-by: James Yonan <james@openvpn.net>
Removed set_enable_renegotiation from SSLConfigAPI and underlying
SSL implementations (OpenSSL, MbedTLS) since we are not currently
using it and TLS 1.3 standardizes on a session ticket model rather
than server-side session caching.
Signed-off-by: James Yonan <james@openvpn.net>